CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

Affected Software

Name	Vendor	Start Version	End Version
Bind	Isc	9.4.0 (including)	9.8.8 (including)
Bind	Isc	9.9.0 (including)	9.9.10 (including)
Bind	Isc	9.10.0 (including)	9.10.5 (including)
Bind	Isc	9.11.0 (including)	9.11.1 (including)
Bind	Isc	9.9.0-p1 (including)	9.9.0-p1 (including)
Bind	Isc	9.9.3-s1 (including)	9.9.3-s1 (including)
Bind	Isc	9.9.10-s2 (including)	9.9.10-s2 (including)
Bind	Isc	9.10.5-p1 (including)	9.10.5-p1 (including)
Bind	Isc	9.10.5-s1 (including)	9.10.5-s1 (including)
Bind	Isc	9.10.5-s2 (including)	9.10.5-s2 (including)
Bind	Isc	9.11.1-p1 (including)	9.11.1-p1 (including)
Red Hat Enterprise Linux 6	RedHat	bind-32:9.8.2-0.62.rc1.el6_9.4	*
Red Hat Enterprise Linux 7	RedHat	bind-32:9.9.4-50.el7_3.1	*
Bind9	Ubuntu	artful	*
Bind9	Ubuntu	devel	*
Bind9	Ubuntu	esm-infra-legacy/trusty	*
Bind9	Ubuntu	esm-infra/xenial	*
Bind9	Ubuntu	trusty	*
Bind9	Ubuntu	trusty/esm	*
Bind9	Ubuntu	vivid/ubuntu-core	*
Bind9	Ubuntu	xenial	*
Bind9	Ubuntu	yakkety	*
Bind9	Ubuntu	zesty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-3143
CWE	https://cwe.mitre.org/data/definitions/.html

Affected Software

References